Ministeri Harakka: Panostus kriittisten toimialojen tietoturvaan ja tietosuojaan on investointi tulevaisuuteen
www.lvm.fi/-/ministeri-harakka-panostus-kriittisten-toimialojen-tietoturvaan-ja-tietosuojaan-on-investointi-tulevaisuuteen-1376154 Valtioneuvosto vahvisti 10. kesäkuuta 2021 periaatepäätöksen, jolla linjataan toimia yhteiskunnan kriittisten toimialojen tietoturvan ja tietosuojan tason parantamiseksi. Periaatepäätöksen linjaukset perustuvat asiaa selvittäneen poikkihallinnollisen työryhmän ehdotuksiin.
Jättimäinen huijausaalto pyyhkii Suomea Varo tekstiviestejä!
www.iltalehti.fi/tietoturva/a/ffdd91fc-4435-4ce8-ab6a-6a47d69bc1d4 Nyt Kyberturvallisuuskeskus varoittaa uusista huijausviesteistä, jotka liittyvät todennäköisesti samaan haittaohjelmaan. Kotimaisista numeroista lähtee nyt tekstiviestitse linkkejä, jotka voivat liittyä liikkeellä olevaan Android-haittaohjelmaan, Kyberturvallisuuskeskus tiedottaa Twitter-tilillään. Lisäksi: https://twitter.com/CERTFI/status/1402586666217480192
BackdoorDiplomacy: Upgrading from Quarian to Turian
www.welivesecurity.com/2021/06/10/backdoordiplomacy-upgrading-quarian-turian/ An APT group that we are calling BackdoorDiplomacy, due to the main vertical of its victims, has been targeting Ministries of Foreign Affairs and telecommunication companies in Africa and the Middle East since at least 2017. For initial infection vectors, the group favors exploiting vulnerable internet-exposed devices such as web servers and management interfaces for networking equipment.
Russia accused of hacking Dutch police during MH17 investigation
blog.malwarebytes.com/reports/2021/06/russia-accused-of-hacking-dutch-police-during-mh17-investigation/ Journalists at the Dutch newspaper “De Volkskrant” have reported that the country’s intelligence service, AIVD, discovered in 2017 that Russian hackers had broken into Dutch police systems. The De Volkskrant report is based on knowledge from anonymous sources. The reason behind this act of espionage is thought to be the ongoing MH17 investigation. Lisäksi:
Hackers breach gaming giant Electronic Arts, steal game source code
www.bleepingcomputer.com/news/security/hackers-breach-gaming-giant-electronic-arts-steal-game-source-code/ Hackers have breached the network of gaming giant Electronic Arts (EA) and claim to have stolen roughly 750 GB of data, including game source code and debug tools. EA confirmed the data breach in a statement sent to BleepingComputer saying that this “was not a ransomware attack, that a limited amount of code and related tools were stolen, and we do not expect any impact to our games or our business.”. Lisäksi:
Hackers can exploit bugs in Samsung pre-installed apps to spy on users
www.bleepingcomputer.com/news/security/hackers-can-exploit-bugs-in-samsung-pre-installed-apps-to-spy-on-users/ Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system. The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company’s bug bounty program.
Ransomware: Meat firm JBS says it paid out $11m after attack
www.zdnet.com/article/ransomware-meat-firm-jbs-says-it-paid-out-11m-after-attack Global meatpacker JBS USA has paid $11 million in Bitcoin to cyberattackers that encrypted its files and disrupted operations in the US and Australia with ransomware, the company has said. JBS USA chief Andre Nogueira confirmed the company had made the payment to the attackers.
Emerging Ransomware Targets Dozens of Businesses Worldwide
thehackernews.com/2021/06/emerging-ransomware-targets-dozens-of.html An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, “Prometheus” is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle East and North Africa last year.
New Chrome 0-Day Bug Under Active Attacks Update Your Browser ASAP!
thehackernews.com/2021/06/new-chrome-0-day-bug-under-active.html Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild. Lisäksi:
Steam Gaming Platform Delivering Malware
threatpost.com/steam-gaming-delivering-malware/166784/ Emerging malware is lurking in Steam profile images. Look out for SteamHide, an emerging loader malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign.
Researchers create an ‘un-hackable’ quantum network over hundreds of kilometers using optical fiber
www.zdnet.com/article/researchers-created-an-un-hackable-quantum-network-over-hundreds-of-kilometers-using-optical-fiber/ Researchers from Toshiba have successfully sent quantum information over 600-kilometer-long optical fibers, creating a new distance record and paving the way for large-scale quantum networks that could be used to exchange information securely between cities and even countries.